CVE-2009-4020

Priority

Medium

Description

Stack-based buffer overflow in the hfs subsystem in the Linux kernel 2.6.32 allows remote attackers to have an unspecified impact via a crafted Hierarchical File System (HFS) filesystem, related to the hfs_readdir function in fs/hfs/dir.c.

Ubuntu-Description

Amerigo Wang discovered that the HFS filesystem did not correctly validate disk structures. If a user were tricked into mounting a specially crafted HFS filesystem, a remote attacker could crash the system or gain root privileges.